// CONTENT PUBLISHING TOOL FOR CREATORS
KTB Post
A content management tool that enables creators to publish branded video content to their social channels through official Content Posting APIs. Built for creators who run multiple branded channels and want a reliable, scriptable publishing workflow. Current implementation: TikTok. Roadmap: Instagram Reels, YouTube Shorts.
What it does
OAuth login
Authenticates the creator's TikTok account through TikTok's official Login Kit with PKCE (S256).
Profile lookup
Reads basic profile data (display name, avatar) via the Display API to confirm the right account.
Direct Post
Publishes pre-rendered MP4 files directly to the creator's feed through TikTok's Content Posting API.
Status polling
Polls publish status until PUBLISH_COMPLETE, then logs the final publish_id locally.
End-to-end flow
- The creator runs the CLI from their local machine — a desktop Python tool that runs locally.
- Browser opens TikTok's OAuth dialog with the three scopes the workflow needs:
user.info.basic,video.upload,video.publish. PKCE (S256) is used per the Login Kit Desktop specification. - The creator authorizes — TikTok redirects to the CLI's local loopback callback (
http://localhost:8765/callback) with an auth code. - CLI exchanges the code + PKCE verifier for an access token and refresh token (stored locally only).
- The creator picks a local MP4 from disk and enters caption + hashtags.
- CLI calls
/v2/post/publish/video/init/withsource=FILE_UPLOADand apost_infoblock (caption,privacy_level, comment/duet/stitch flags),PUTs the binary bytes to the returnedupload_url, then polls/v2/post/publish/status/fetch/until status =PUBLISH_COMPLETE. - Video appears on the creator's TikTok feed immediately. The final
publish_idis logged locally for the creator's records. No data is sent to third parties beyond TikTok itself.
TikTok scopes used
The tool requests only the three scopes strictly required for the Direct Post workflow:
| Scope | Why it's required |
|---|---|
user.info.basic |
Identify which authenticated TikTok account the publish will target (open_id, display_name). |
video.upload |
Upload an MP4 file binary to TikTok via the Content Posting API. |
video.publish |
Publish the uploaded video directly to the authenticated account's feed with caption and privacy settings. |
video.list,
user.info.profile, analytics scopes, Share Kit, commercial-content scopes)
are not requested because the Direct Post workflow doesn't need them.
Current deployment
The tool is currently deployed by Khuê Trần — a marketing operator — to manage their branded TikTok channel:
The architecture supports onboarding additional creator accounts via the same OAuth flow — each creator authenticates their own account through TikTok's authorization dialog and manages publishing on their own machine.
Data handling
- OAuth tokens are stored only on the creator's local machine, never on a third-party server controlled by us.
- Video files and caption metadata stay on the creator's local disk and are uploaded directly to TikTok.
- No data is shared with any analytics, advertising, or storage provider other than TikTok itself.
- Each creator's session is isolated to their own machine.
- Full details: Privacy Policy · Terms of Service.
Architecture
The tool is a Python 3.11 CLI (~400 lines) that runs locally on the creator's machine. It uses
the requests library for HTTP, a temporary local HTTP server for the OAuth callback,
and writes session state to a local config file. The current distribution is a CLI; a desktop GUI
wrapper is on the roadmap.
Status
Production review in progress. The tool has been validated end-to-end in TikTok Developer sandbox mode against the creator's account. The current build is being submitted for TikTok production approval so the creator can publish to their feed with public visibility.
Contact
For questions about this tool or the TikTok integration, email [email protected].